An Improved Threshold Ring Signature Scheme Based on Error Correcting Codes

  • Pierre-Louis Cayrel
  • Sidi Mohamed El Yousfi Alaoui
  • Gerhrad Hoffmann
  • Pascal Véron
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7369)


The concept of threshold ring signature in code-based cryptography was introduced by Aguilar et al. in [1]. Their proposal uses Stern’s identification scheme as basis. In this paper we construct a novel threshold ring signature scheme built on the q-SD identification scheme recently proposed by Cayrel et al. in [14]. Our proposed scheme benefits of a performance gain as a result of the reduction in the soundness error from 2/3 for Stern’s scheme to 1/2 per round for the q-SD scheme. Our threshold ring signature scheme uses random linear codes over the field \(\mathbb{F}_q\), secure in the random oracle model and its security relies on the hardness of an error-correcting codes problem (namely the q-ary syndrome decoding problem). In this paper we also provide implementation results of the Aguilar et al. scheme and our proposal, this is the first efficient implementation of this type of code-based schemes.


post-quantum cryptography code-based cryptography identification scheme threshold ring signature scheme 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aguilar Melchor, C., Cayrel, P.-L., Gaborit, P.: A New Efficient Threshold Ring Signature Scheme Based on Coding Theory. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 1–16. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  2. 2.
    Aguilar Melchor, C., Cayrel, P.-L., Gaborit, P., Laguillaumie, F.: A new efficient threshold ring signature scheme based on coding theory. IEEE Transactions on Information Theory 57(7), 4833–4842 (2011)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Aguilar Melchor, C., Gaborit, P., Schrek, J.: A new zero-knowledge code based identification scheme with reduced communication (2011),
  4. 4.
    El Yousfi Alaoui, S.-M., Dagdelen, Ö., Véron, P., Galindo, D., Cayrel, P.-L.: Extended security arguments for (ring) signature schemes. Cryptology ePrint Archive, Report 2012/068 (2012)Google Scholar
  5. 5.
    Barg, S.: Some new NP-complete coding problems. Problemy Peredachi Informatsii 30, 23–28 (1994)MathSciNetGoogle Scholar
  6. 6.
    Barreto, P.S.L.M., Cayrel, P.-L., Misoczki, R., Niebuhr, R.: Quasi-Dyadic CFS Signatures. In: Lai, X., Yung, M., Lin, D. (eds.) Inscrypt 2010. LNCS, vol. 6584, pp. 336–349. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Becker, A., Joux, A., May, A., Meurer, A.: Decoding Random Binary Linear Codes in 2(n/20): How 1 + 1 = 0 Improves Information Set Decoding. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 520–536. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Berlekamp, E., McEliece, R., van Tilborg, H.: On the inherent intractability of certain coding problems. IEEE Transactions on Information Theory 24(3), 384–386 (1978)zbMATHCrossRefGoogle Scholar
  9. 9.
    Bernstein, D.J., Buchmann, J., Dahmen, E.: Post-Quantum Cryptography, 1st edn. Springer Publishing Company, Incorporated (2008)Google Scholar
  10. 10.
    Bernstein, D.J., Lange, T., Peters, C.: Smaller Decoding Exponents: Ball-Collision Decoding. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 743–760. Springer, Heidelberg (2011)Google Scholar
  11. 11.
    Biswas, B., Sendrier, N.: McEliece Cryptosystem Implementation: Theory and Practice. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol. 5299, pp. 47–62. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  12. 12.
    Bresson, E., Stern, J., Szydlo, M.: Threshold Ring Signatures and Applications to Ad-hoc Groups. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 465–480. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  13. 13.
    Cayrel, P.-L., Lindner, R., Rückert, M., Silva, R.: A Lattice-Based Threshold Ring Signature Scheme. In: Abdalla, M., Barreto, P.S.L.M. (eds.) LATINCRYPT 2010. LNCS, vol. 6212, pp. 255–272. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  14. 14.
    Cayrel, P.-L., Véron, P., El Yousfi Alaoui, S.M.: A Zero-Knowledge Identification Scheme Based on the q-ary Syndrome Decoding Problem. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 171–186. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  15. 15.
    Courtois, N.T., Finiasz, M., Sendrier, N.: How to Achieve a McEliece-Based Digital Signature Scheme. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 157–174. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Dallot, L., Vergnaud, D.: Provably Secure Code-Based Threshold Ring Signatures. In: Parker, M.G. (ed.) Cryptography and Coding 2009. LNCS, vol. 5921, pp. 222–235. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  17. 17.
    Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)Google Scholar
  18. 18.
    Fiege, U., Fiat, A., Shamir, A.: Zero knowledge proofs of identity. In: Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing - STOC, pp. 210–217 (1987)Google Scholar
  19. 19.
    Gaborit, P., Girault, M.: Lightweight code-based authentication and signature. In: IEEE International Symposium on Information Theory–ISIT 2007, Nice, France, pp. 191–195. IEEE (2007)Google Scholar
  20. 20.
    Herranz, J., Sáez, G.: Forking Lemmas for Ring Signature Schemes. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 266–279. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  21. 21.
    May, A., Meurer, A., Thomae, E.: Decoding random linear codes in \(\tilde{\mathcal{O}}(2^{0.054n})\). In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 107–124. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  22. 22.
    McEliece, R.: A public-key cryptosystem based on algebraic coding theory. The Deep Space Network Progress Report, DSN PR 42–44 (1978),
  23. 23.
    Niebuhr, R., Cayrel, P.-L., Bulygin, S., Buchmann, J.: On Lower Bounds for Information Set Decoding over \(\mathbb{F}_q\). In: SCC 2010, RHUL, London, UK, pp. 143–157 (2010)Google Scholar
  24. 24.
    Niederreiter, H.: Knapsack-type cryptosystems and algebraic coding theory. Problems of Control and Information Theory 15(2), 159–166 (1986)MathSciNetzbMATHGoogle Scholar
  25. 25.
    Peters, C.: Information-Set Decoding for Linear Codes over \(\mathbb{F}_{q}\). In: Sendrier, N. (ed.) PQCrypto 2010. LNCS, vol. 6061, pp. 81–94. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  26. 26.
    Rivest, R.L., Shamir, A., Tauman, Y.: How to Leak a Secret: Theory and Applications of Ring Signatures. In: Goldreich, O., Rosenberg, A.L., Selman, A.L. (eds.) Theoretical Computer Science. LNCS, vol. 3895, pp. 164–186. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  27. 27.
    Stern, J.: A New Identification Scheme Based on Syndrome Decoding. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 13–21. Springer, Heidelberg (1994)Google Scholar
  28. 28.
    Stern, J.: A new paradigm for public key identification. IEEE Transactions on Information Theory 42, 1757–1768 (1996)zbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Pierre-Louis Cayrel
    • 1
  • Sidi Mohamed El Yousfi Alaoui
    • 2
  • Gerhrad Hoffmann
    • 3
  • Pascal Véron
    • 4
  1. 1.Laboratoire Hubert Curien Université de Saint-EtienneFrance
  2. 2.CASED – Center for Advanced Security ResearchDarmstadtGermany
  3. 3.Technische Universität DarmstadtGermany
  4. 4.IML/IMATH Université du Sud Toulon-Var.La Garde CedexFrance

Personalised recommendations